1 files changed, 0 insertions, 71 deletions

diff --git a/share/security/patches/SA-00:23/ip-options.diff b/share/security/patches/SA-00:23/ip-options.diff
deleted file mode 100644
index 8e781fd7dc..0000000000
--- a/share/security/patches/SA-00:23/ip-options.diff
+++ /dev/null
@@ -1,71 +0,0 @@
-Index: ip_icmp.c
-===================================================================
-RCS file: /ncvs/src/sys/netinet/ip_icmp.c,v
-retrieving revision 1.39
-diff -u -r1.39 ip_icmp.c
---- ip_icmp.c	2000/01/28 06:13:09	1.39
-+++ ip_icmp.c	2000/06/08 15:26:39
-@@ -662,8 +662,11 @@
- 			    if (opt == IPOPT_NOP)
- 				    len = 1;
- 			    else {
-+				    if (cnt < IPOPT_OLEN + sizeof(*cp))
-+					    break;
- 				    len = cp[IPOPT_OLEN];
--				    if (len <= 0 || len > cnt)
-+				    if (len < IPOPT_OLEN + sizeof(*cp) ||
-+				        len > cnt)
- 					    break;
- 			    }
- 			    /*
-Index: ip_input.c
-===================================================================
-RCS file: /ncvs/src/sys/netinet/ip_input.c,v
-retrieving revision 1.130
-diff -u -r1.130 ip_input.c
---- ip_input.c	2000/02/23 20:11:57	1.130
-+++ ip_input.c	2000/06/08 15:25:46
-@@ -1067,8 +1067,12 @@
- 		if (opt == IPOPT_NOP)
- 			optlen = 1;
- 		else {
-+			if (cnt < IPOPT_OLEN + sizeof(*cp)) {
-+				code = &cp[IPOPT_OLEN] - (u_char *)ip;
-+				goto bad;
-+			}
- 			optlen = cp[IPOPT_OLEN];
--			if (optlen <= 0 || optlen > cnt) {
-+			if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) {
- 				code = &cp[IPOPT_OLEN] - (u_char *)ip;
- 				goto bad;
- 			}
-@@ -1174,6 +1178,10 @@
- 			break;
- 
- 		case IPOPT_RR:
-+			if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
-+				code = &cp[IPOPT_OFFSET] - (u_char *)ip;
-+				goto bad;
-+			}
- 			if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
- 				code = &cp[IPOPT_OFFSET] - (u_char *)ip;
- 				goto bad;
-Index: ip_output.c
-===================================================================
-RCS file: /ncvs/src/sys/netinet/ip_output.c,v
-retrieving revision 1.99
-diff -u -r1.99 ip_output.c
---- ip_output.c	2000/03/09 14:57:15	1.99
-+++ ip_output.c	2000/06/08 15:27:08
-@@ -1302,8 +1302,10 @@
- 		if (opt == IPOPT_NOP)
- 			optlen = 1;
- 		else {
-+			if (cnt < IPOPT_OLEN + sizeof(*cp))
-+				goto bad;
- 			optlen = cp[IPOPT_OLEN];
--			if (optlen <= IPOPT_OLEN || optlen > cnt)
-+			if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt)
- 				goto bad;
- 		}
- 		switch (opt) {